Dynamoo's Blog
Malware, spam, scams and random stuff, by Conrad Longmore.
Thursday 27 August 2015
Malware spam: "Payslip for period end date 27/08/2015" / "noreply@fermanagh.gov.uk"
›
This spam does not come from Fermanagh District Council . Of course it doesn't. It is instead a simple forgery with a malicious attach...
Wednesday 26 August 2015
Malware spam: "RE:resume" leads to Cryptowall
›
This fake resume spam has a malicious payload. I got part way through decrypting it to discover that @Techhelplistcom had done all the ha...
1 comment:
Fake fax spam spoofs multiple senders, has malicious payload
›
This fake fax spam comes from random senders - company names and attachment names vary from spam to spam. From : "Heaney, Vandervo...
Malware spam: "Scanned image from MX-2600N" / "noreply@victimdomain.com"
›
NOTE : As of December 2015 there is an updated version of this spam run . This spam is not from a scanner, but it is instead a simple f...
1 comment:
Tuesday 25 August 2015
Malware spam: "Invoice 26949 from I - SPI Ltd" / "sales@ispitrade.com"
›
My spam traps did not collect the body text from this message, so all I have is headers. However, this fake financial email is not from i-...
1 comment:
Malware spam: "UPDATE_VACATIONS_SCHEDULE_09_2015.pdf" via sugarsync.com
›
This fake Dropbox email leads to malware, hosted on the sharing service sugarsync.com . From : June Abel via Dropbox [no-reply@dropbo...
1 comment:
Malware spam: "Visa Card Aug 2015" / "david@ellesmere.engineering"
›
This fake financial spam does not come from Ellesemere Engineering but is in fact a simple forgery with a malicious attachment. From ...
4 comments:
Monday 24 August 2015
Popular German wesite dwdl.de hacked, serving malware via 94.142.140.222
›
Popular German media website dwdl.de has been hacked and is serving up malware, according to this URLquery report . URLquery's IDS f...
3 comments:
Malware spam: "Message from scanner" / "scanner.coventrycitycentre@brianholt.co.uk"
›
I don't have the body text for this particular message, but I can tell you this is not from Brian Holt (a property agent in Coventry,...
Friday 21 August 2015
What the hell is event.swupdateservice.net?
›
So.. I saw some mysterious outbound traffic to event.swupdateservice.net/event ( 138.91.189.124 / Microsoft, US ). Googling around for th...
Thursday 20 August 2015
Malware spam: "Email from Transport for London" / "noresponse@cclondon.com"
›
This fake TfL spam comes with a malicious attachment: From "Transport for London" [noresponse@cclondon.com] Date Thu,...
Search the Ashley Madison hacked leaked database (enter name or email)
›
Search the Ashley Madison hacked leaked database (enter name or email) E-mail of the cheater: or First name: Last Name: fuzzy No...
1 comment:
Wednesday 19 August 2015
Malware spam: "SHIPMENT NOTICE" / "serviceuk@safilo.com"
›
This fake financial spam does not come from Safilo UK Ltd but is instead a simple forgery with a malicious attachment: From servic...
3 comments:
Monday 10 August 2015
Malware spam: "Gabriel Daniel" / "Resume" / "Gabriel_Daniel_resume.doc"
›
This fake résumé comes with a malicious attachment: From : alvertakarpinskykcc@yahoo.com Date : 10 August 2015 at 19:40 Subject :...
1 comment:
Malware spam: "Premium Charging MI Package for Merchant 17143013" / "GEMS@worldpay.com"
›
This fake financial email does not come from Worldpay but is instead a simple forgery with a malicious attachment: From : GEMS@world...
6 comments:
Malware spam: "Your order 10232 from Create Blinds Online: Paid" / "orders@createblindsonline.co.uk"
›
This fake invoice does not come from Create Blinds Online but is instead a simple forgery with a malicious attachment. From : order...
1 comment:
Friday 7 August 2015
Malware spam: "Sleek Granite Computer" / "saepe 422-091-2468.zip" / "nulla.exe"
›
What the heck is a Sleek Granite Computer? As clickbait it is kind of weird.. but perhaps interesting enough to get people to click on the...
Thursday 6 August 2015
Malware spam: "Voice message from 07773403290" / ""tel: 07773403290" [non-mail-user@voiplicity.co.uk]"
›
This fake voicemail spam comes with a malicious attachment: From "tel: 07773403290" [non-mail-user@voiplicity.co.uk] Date...
1 comment:
Spam: "The Funding Institute" / thefundinginstitute.org and fundinginstitute.org, Patchree Patchrint and Anthony Christopher Jones (yet again)
›
" The Funding Institute " (using the domains thefundinginstitute.org and fundinginstitute.org ) is yet another highly questionab...
5 comments:
Wednesday 5 August 2015
Malware spam: "Booking Confirmation - Accumentia (16/9/15)" / "David Nyaruwa [david.nyaruwa@soci.org]"
›
This fake financial spam is not from SCI or Accumentia, but is instead a simple forgery with a malicious attachment: From David Ny...
Malware spam: "IMPORTANT - Document From Ofcom Spectrum Licensing" / "Spectrum.licensing@ofcom.org.uk"
›
This spam does not come from OFCOM but is instead a simple forgery with a malicious attachment. From : Spectrum.licensing@ofcom.org....
Tuesday 4 August 2015
Malware spam: "Need your attention"
›
A variety of malicious spam messages are in circulation, each with "Need your attention" in the subject. Each message has a diff...
2 comments:
Malware spam: "INVOICE HH / 114954" / "haywardsheath@hpsmerchant.co.uk"
›
This fake invoice is not from Heating & Plumbing Supplies but is instead a simple forgery with a malicious attachment: From [h...
Monday 3 August 2015
Malware spam: "E-bill : 6200228913 - 31.07.2015 - 0018" / "noreply.UK.ebiller@lyrecobusinessmail.com"
›
This fake financial spam does not come from Lyreco but is instead a simple forgery with a malicious attachment: From : noreply.UK.e...
Saturday 1 August 2015
Spam: Countrywide Money Ltd (countrywidemoney.co.uk)
›
You know things must be desperate when a business turns to spam. Here's a dubious-looking spam that seems to be presenting itself in a w...
7 comments:
‹
›
Home
View web version